program: syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000340)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xad4, &(0x7f0000000a40)="$eJzs3U2MW0cBAOCxd73JtilxSkKXNLQJhbb8dNPsLuEngqRKhETUVIhLpQgOUZqWiBAkigRUlUhy4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKIxAECidHuznjtid1n74+fvf4+aTx+b97zzDw/P7/fmQCMrerS68LCTCWEy2+8cuzvD/9tenHM4eYU9aXXyZahWgihEocns897b2I5vnXjxdOd4kqYW3pNw+Gp68157w4hXAh7w5VQD7svX335rbknT1w8fmnf268eurYxtQcAgPHy1SuHFnb95U/377j52gNHwpY0evHN0v55PY7YFvf7j8Qd/7T/Xw3tw5WW0Goqm24yhup0+3QTHaZrzaeWTTfZJf+pLP9al+m2hPfPf6JlXKd6wyhL63E9VKqzbcPV6uzs8jF5WDqun6rMnj977tnnSyoosO7+9WAIYW9LOHqpfXi14Rtxy7Een9UaDm/AZ64x1HqsZ2MIyjqS4cjg8rrZWFZ6nQcUGttL3gABRPn1wjtcyM8srE3z0yZ7y//6E9XO88M6GPT631f+UyXnH+T/64u2OKyfzbo2pXql39G2OJxfR8jvX+r++8uvdLSPza9H1HosZ7frCKNyfaFbOScGXI7V6lb+fL3YrL4Y47QcvpSlt/5+8u90VL5joLN/5+f/BUEY7hDahmtr+axGydsfYHjl98010vXRKL+vL0/fUpC+tSB9uiD9roL0uwvSYZz99ns/CS9VVo7z82P6fs+Hp/Ns98T4A32WJz8f2W/++X2//Vpr/vn9xDDMfn/q6TOfe+bk1eX7/yvN9f92XN/T4UY9/rauxAnS+cL8vHrz3v96ez7VLtPdm5Xnng7TL73f2T5dZefK54SW7cwd5Zhpn297t+n2tE9Xz6abjmFrVt58/+SubL60/5G2q2l5TWb1rWX1mMrKkbYrO2KclwNWI62P3e7/T+vnTKhVnj177szjcTitp3+cqG1ZHH9gwOUG1q7X539mQvvzP9ua42vV1u3C9pXxleXtwuvx89rHzzXzaR8/H4fT/9w3J6aXxs+e/s65Z9a/+jDWnv/hC986de7cme+W/mZ+OoQhKMYq3nx5OIrRz5t02DIs5Vn1m8WKDEExNuGbkjdMwIbb/6PlnYDHzn771HNnnjtzfv7gwfm5uYOfn1/Yv7Rfv791777VhRJKC6ynlT/9sksCAAAAAAAAAAAA9Or7x49dfefNz767/Pz/yvN/6fn/dOdvev7/x9nz//lz8uk5+PQc4I4O6UvTZA2sTmXT1WL4YFbenVk+u7L5PhTjZj9+8fn/lF3ermsqz33Z+FqXwaw5gTvaS5nK2iDJ+wv8aIwvxfhXAUpUme48OsZF7VundT21T9HSLkVD+8CjI31vaW1I7Zik5787tuvU8mXvGEAZWX+DeJyw7DoCnf1jrNr//udKxUsvi9A9TA42v5+N7zrR6LqX3msPNgDro+z+P9N5zxSf/8NXti6GNNn1J9q3l3n7pdCPP7/TPjzs/U9udP55v32Dzr/s+g+6/89m/3c9b/+yHvPqq8v3Pz+/9m5LtmF3r/nn9U/tQO/sL/+bMf9Um0dCb/k3fpnln18Q6tF/s/zv6jH/O+q/Z3X5/y/mnxbbow/1mn91+ZpZtb0c+XnjdP0vP2+c3Mrqn9r2fJ/8v/ZCp/qvsqPG2zF/GGej0s9sv7L9iOZO++r7/40urG//v83CZpu1/D6Mz8QxaUOc7nPI+zvpt/zp/or0P7Ar+/xKwf+b/n9H2xdiXPR7SP3/3r6xfDmvHv/y0/pZj8syDdc6LNvNuq2BUfXeWF3/W4dwcsPz2Fp6HYc+HBmCMjRDY2IV8zX7iSu5/I1GY2NPaBUoNXNKX/5lHyeUnX/Zy79I3v9vvg+f9/+bp+f9/+bpef+/efp0/Ia6pef9/+bLM+//N0+/L/vcvH/gmYL0Dxek7+6c3jxsv79g/j0F6R8pSN/XTD/cNkVKf6Bg/gcL0u9tT9+Spz9UMP/HCtI/XpD+cEH6oy3prX1Ap/RPFMy/2aXnUca1/jDO8ufz/P5hfKTrP91+/zsL0oHR9dPXDhw9+Zuv15ef/59qng9J1/GOxOFaPH76QRzOr3uHluHFtDfj8F+z9GE/3wHjJG8/I/9/f6QgHRhd6T4vv28YQ5WtnUfHuKjdqm77+YyWT8b4UzH+dIwfi/FsjPfH+ECM5wZUPjbG0dd/d+ilysrx/vYsvdf7yfPngdraiQohzPdYnvz8QL/3s+ft+PVrrfmv8nEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0lSXXhcWZiohXH7jlWNPnzi7f3HM4eYU9aXXyZahWnO+EB6P8USMfxHf3Lrx4unW+HaMK2EuVEKlOT48db2Z090hhAthb7gS6mH35asvvzX35ImLxy/te/vVQ9c2bgkAAADA5vf/AAAA//9LWAnF") r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000240)={0x1, 0x4000}) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000100)='./bus\x00', 0x0) symlink(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000040)='./file0\x00') openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x200000, 0x0, 0x31}, 0x18) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@user_xattr}, {@nodioread_nolock}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x80013, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x17, 0x11, r3, 0x0) read$FUSE(r2, &(0x7f0000000b40)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f00000000c0)={0x50, 0x0, r4, {0x7, 0x2b, 0x5, 0x8010, 0x2, 0xfff1, 0x40, 0x8, 0x0, 0x0, 0x8, 0x400}}, 0x50) r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$cramfs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x210080, &(0x7f00000006c0)=ANY=[@ANYRES16=0x0], 0x1, 0x14a, &(0x7f00000004c0)="$eJzszz9LanEYwPHv8fjneq9ehesF7x0qaOiQiMcjtkVoFAnZgcKlIYI8QaApCuFYQVtDL8ChEprEIRobyloshbDXITQEjcXxCGU0Nf8+y+F8n4cHfnPTHQU/yFhmC/liySiXjezYsp6eXzm/uPxtdhfwo7+RL5bM5ay1f5UAh/m1Q2/Pyjde9+BaIWf+9xKgAMlfsLnlQMXa/Wm2gNlyRnTQlHFo/rWa9kWLDdp/OyR9VjPvvZ7ABGDj/d4zUKmGGvW7pXYrFZ48W5M5SIVG/0jDfcQ41Nz/ap6gTMa4Pe0/s1J9jLTCD5FGvdtppxf1tN6JadpUTI2qaryr37dT8d0j7AueHVj9dM/pBDKwL0FVgnp/3ruWvEDz+EXP+1wB4GnbD9LHCQxPNtaDjtpMwG9DVpAQBEEQBEEQBEEQhG96CwAA//9MKGWM") r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r6, &(0x7f0000000040)=0x1f00, 0x12) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000000d00)={0x3, 0x0, 0x0, 0x0}) ppoll(&(0x7f0000000000)=[{r2, 0x1400}, {r5, 0x400}], 0x2, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={[0x6]}, 0x8) truncate(&(0x7f0000000280)='./file1\x00', 0x1feffe) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) [ 68.010025][ T4661] Bluetooth: hci0: command tx timeout [ 68.100670][ T5314] loop0: detected capacity change from 0 to 2048 [ 68.141479][ T5316] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 68.174366][ T25] audit: type=1800 audit(1745976289.941:2): pid=5314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 68.191767][ T5316] NILFS (loop0): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 68.196248][ T25] audit: type=1800 audit(1745976289.951:3): pid=5314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 68.204776][ T5316] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=2) [ 68.209745][ T5316] [ 68.210740][ T5316] ====================================================== [ 68.213559][ T5316] WARNING: possible circular locking dependency detected [ 68.216299][ T5316] 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 Not tainted [ 68.218991][ T5316] ------------------------------------------------------ [ 68.221611][ T5316] segctord/5316 is trying to acquire lock: [ 68.224178][ T5316] ffff888036338090 (&nilfs->ns_sem){++++}-{4:4}, at: __nilfs_error+0x1ca/0x4b0 [ 68.227933][ T5316] [ 68.227933][ T5316] but task is already holding lock: [ 68.230694][ T5316] ffff8880363382a0 (&nilfs->ns_segctor_sem){++++}-{4:4}, at: nilfs_transaction_lock+0x253/0x4c0 [ 68.234720][ T5316] [ 68.234720][ T5316] which lock already depends on the new lock. [ 68.234720][ T5316] [ 68.238643][ T5316] [ 68.238643][ T5316] the existing dependency chain (in reverse order) is: [ 68.241934][ T5316] [ 68.241934][ T5316] -> #6 (&nilfs->ns_segctor_sem){++++}-{4:4}: [ 68.245082][ T5316] lock_acquire+0x120/0x360 [ 68.247089][ T5316] down_read+0x46/0x2e0 [ 68.248970][ T5316] nilfs_transaction_begin+0x365/0x710 [ 68.251403][ T5316] nilfs_rename+0x1bd/0x820 [ 68.253280][ T5316] vfs_rename+0xb99/0xec0 [ 68.255195][ T5316] do_renameat2+0x878/0xc50 [ 68.257123][ T5316] __x64_sys_renameat2+0xce/0xe0 [ 68.259217][ T5316] do_syscall_64+0xf6/0x210 [ 68.261126][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.263591][ T5316] [ 68.263591][ T5316] -> #5 (sb_internal#2){.+.+}-{0:0}: [ 68.266389][ T5316] lock_acquire+0x120/0x360 [ 68.268285][ T5316] nilfs_transaction_begin+0x268/0x710 [ 68.270609][ T5316] nilfs_page_mkwrite+0x8b0/0xc20 [ 68.272720][ T5316] do_page_mkwrite+0x14a/0x310 [ 68.274733][ T5316] do_wp_page+0x2626/0x5760 [ 68.276646][ T5316] __handle_mm_fault+0x1028/0x5380 [ 68.278763][ T5316] handle_mm_fault+0x3f6/0x8c0 [ 68.280716][ T5316] do_user_addr_fault+0xa81/0x1390 [ 68.282809][ T5316] exc_page_fault+0x68/0x110 [ 68.284760][ T5316] asm_exc_page_fault+0x26/0x30 [ 68.286775][ T5316] [ 68.286775][ T5316] -> #4 (sb_pagefaults){.+.+}-{0:0}: [ 68.289702][ T5316] lock_acquire+0x120/0x360 [ 68.291604][ T5316] nilfs_page_mkwrite+0x21e/0xc20 [ 68.293803][ T5316] do_page_mkwrite+0x14a/0x310 [ 68.295869][ T5316] do_wp_page+0x2626/0x5760 [ 68.297784][ T5316] __handle_mm_fault+0x1028/0x5380 [ 68.299955][ T5316] handle_mm_fault+0x3f6/0x8c0 [ 68.302037][ T5316] do_user_addr_fault+0xa81/0x1390 [ 68.304231][ T5316] exc_page_fault+0x68/0x110 [ 68.306185][ T5316] asm_exc_page_fault+0x26/0x30 [ 68.308240][ T5316] [ 68.308240][ T5316] -> #3 (vm_lock){++++}-{0:0}: [ 68.310815][ T5316] lock_acquire+0x120/0x360 [ 68.312943][ T5316] __vma_enter_locked+0x182/0x380 [ 68.315114][ T5316] __vma_start_write+0x1e/0x120 [ 68.317220][ T5316] mprotect_fixup+0x571/0x9b0 [ 68.319251][ T5316] setup_arg_pages+0x53a/0xaa0 [ 68.321320][ T5316] load_elf_binary+0xb7a/0x27b0 [ 68.323383][ T5316] bprm_execve+0x999/0x1440 [ 68.325326][ T5316] kernel_execve+0x8f0/0x9f0 [ 68.327384][ T5316] try_to_run_init_process+0x13/0x60 [ 68.329613][ T5316] kernel_init+0xad/0x1d0 [ 68.331588][ T5316] ret_from_fork+0x4b/0x80 [ 68.333607][ T5316] ret_from_fork_asm+0x1a/0x30 [ 68.335754][ T5316] [ 68.335754][ T5316] -> #2 (&mm->mmap_lock){++++}-{4:4}: [ 68.338732][ T5316] lock_acquire+0x120/0x360 [ 68.340667][ T5316] __might_fault+0xcc/0x130 [ 68.342637][ T5316] _copy_to_iter+0xf3/0x15a0 [ 68.344678][ T5316] copy_page_to_iter+0xa7/0x150 [ 68.346705][ T5316] filemap_read+0x78d/0x11d0 [ 68.348653][ T5316] blkdev_read_iter+0x30a/0x440 [ 68.350751][ T5316] vfs_read+0x4cd/0x980 [ 68.352528][ T5316] ksys_read+0x145/0x250 [ 68.354397][ T5316] do_syscall_64+0xf6/0x210 [ 68.356429][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.359040][ T5316] [ 68.359040][ T5316] -> #1 (&sb->s_type->i_mutex_key#8){++++}-{4:4}: [ 68.362516][ T5316] lock_acquire+0x120/0x360 [ 68.364580][ T5316] down_write+0x96/0x1f0 [ 68.366507][ T5316] set_blocksize+0x23b/0x500 [ 68.368633][ T5316] sb_min_blocksize+0x119/0x210 [ 68.370805][ T5316] init_nilfs+0x43/0x690 [ 68.372852][ T5316] nilfs_fill_super+0x8f/0x650 [ 68.375189][ T5316] nilfs_get_tree+0x4f4/0x870 [ 68.377759][ T5316] vfs_get_tree+0x8f/0x2b0 [ 68.379913][ T5316] do_new_mount+0x24a/0xa40 [ 68.381845][ T5316] __se_sys_mount+0x317/0x410 [ 68.383912][ T5316] do_syscall_64+0xf6/0x210 [ 68.385786][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.388241][ T5316] [ 68.388241][ T5316] -> #0 (&nilfs->ns_sem){++++}-{4:4}: [ 68.391186][ T5316] validate_chain+0xb9b/0x2140 [ 68.393173][ T5316] __lock_acquire+0xaac/0xd20 [ 68.395187][ T5316] lock_acquire+0x120/0x360 [ 68.397145][ T5316] down_write+0x96/0x1f0 [ 68.398939][ T5316] __nilfs_error+0x1ca/0x4b0 [ 68.400970][ T5316] nilfs_bmap_propagate+0x108/0x130 [ 68.403061][ T5316] nilfs_collect_file_data+0x4f/0xd0 [ 68.405230][ T5316] nilfs_segctor_apply_buffers+0x161/0x330 [ 68.407610][ T5316] nilfs_segctor_scan_file+0x68e/0x8e0 [ 68.409978][ T5316] nilfs_segctor_do_construct+0x1b9d/0x6970 [ 68.412374][ T5316] nilfs_segctor_construct+0x17b/0x690 [ 68.414690][ T5316] nilfs_segctor_thread+0x6f7/0xe00 [ 68.416825][ T5316] kthread+0x70e/0x8a0 [ 68.418569][ T5316] ret_from_fork+0x4b/0x80 [ 68.420440][ T5316] ret_from_fork_asm+0x1a/0x30 [ 68.422328][ T5316] [ 68.422328][ T5316] other info that might help us debug this: [ 68.422328][ T5316] [ 68.426107][ T5316] Chain exists of: [ 68.426107][ T5316] &nilfs->ns_sem --> sb_internal#2 --> &nilfs->ns_segctor_sem [ 68.426107][ T5316] [ 68.431172][ T5316] Possible unsafe locking scenario: [ 68.431172][ T5316] [ 68.433977][ T5316] CPU0 CPU1 [ 68.435916][ T5316] ---- ---- [ 68.437903][ T5316] lock(&nilfs->ns_segctor_sem); [ 68.439745][ T5316] lock(sb_internal#2); [ 68.442252][ T5316] lock(&nilfs->ns_segctor_sem); [ 68.445148][ T5316] lock(&nilfs->ns_sem); [ 68.446802][ T5316] [ 68.446802][ T5316] *** DEADLOCK *** [ 68.446802][ T5316] [ 68.449663][ T5316] 1 lock held by segctord/5316: [ 68.451578][ T5316] #0: ffff8880363382a0 (&nilfs->ns_segctor_sem){++++}-{4:4}, at: nilfs_transaction_lock+0x253/0x4c0 [ 68.455672][ T5316] [ 68.455672][ T5316] stack backtrace: [ 68.458032][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: segctord Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 68.458045][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.458053][ T5316] Call Trace: [ 68.458061][ T5316] [ 68.458066][ T5316] dump_stack_lvl+0x189/0x250 [ 68.458091][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.458105][ T5316] ? __pfx__printk+0x10/0x10 [ 68.458115][ T5316] ? print_lock_name+0xde/0x100 [ 68.458129][ T5316] print_circular_bug+0x2ee/0x310 [ 68.458141][ T5316] check_noncircular+0x134/0x160 [ 68.458155][ T5316] validate_chain+0xb9b/0x2140 [ 68.458166][ T5316] ? irq_work_queue+0xc3/0x140 [ 68.458189][ T5316] __lock_acquire+0xaac/0xd20 [ 68.458204][ T5316] ? __nilfs_error+0x1ca/0x4b0 [ 68.458212][ T5316] lock_acquire+0x120/0x360 [ 68.458224][ T5316] ? __nilfs_error+0x1ca/0x4b0 [ 68.458233][ T5316] ? _printk+0xcf/0x120 [ 68.458242][ T5316] down_write+0x96/0x1f0 [ 68.458259][ T5316] ? __nilfs_error+0x1ca/0x4b0 [ 68.458266][ T5316] ? __pfx_down_write+0x10/0x10 [ 68.458278][ T5316] __nilfs_error+0x1ca/0x4b0 [ 68.458289][ T5316] ? __pfx___nilfs_error+0x10/0x10 [ 68.458298][ T5316] ? nilfs_bmap_propagate+0x84/0x130 [ 68.458310][ T5316] nilfs_bmap_propagate+0x108/0x130 [ 68.458321][ T5316] nilfs_collect_file_data+0x4f/0xd0 [ 68.458335][ T5316] nilfs_segctor_apply_buffers+0x161/0x330 [ 68.458348][ T5316] ? __pfx_nilfs_collect_file_data+0x10/0x10 [ 68.458360][ T5316] nilfs_segctor_scan_file+0x68e/0x8e0 [ 68.458380][ T5316] ? __pfx_nilfs_segctor_scan_file+0x10/0x10 [ 68.458396][ T5316] ? __pfx___might_resched+0x10/0x10 [ 68.458405][ T5316] ? __pfx_wake_up_bit+0x10/0x10 [ 68.458417][ T5316] ? nilfs_sufile_mark_dirty+0x2ad/0x4e0 [ 68.458427][ T5316] ? nilfs_segbuf_extend_segsum+0x2aa/0x3b0 [ 68.458438][ T5316] ? rcu_is_watching+0x15/0xb0 [ 68.458453][ T5316] nilfs_segctor_do_construct+0x1b9d/0x6970 [ 68.458478][ T5316] ? __pfx_nilfs_segctor_do_construct+0x10/0x10 [ 68.458491][ T5316] ? __lock_acquire+0xaac/0xd20 [ 68.458504][ T5316] ? do_raw_spin_lock+0x121/0x290 [ 68.458516][ T5316] ? do_raw_spin_unlock+0x4d/0x240 [ 68.458526][ T5316] ? _raw_spin_unlock+0x28/0x50 [ 68.458534][ T5316] ? nilfs_segctor_confirm+0x24e/0x2d0 [ 68.458548][ T5316] nilfs_segctor_construct+0x17b/0x690 [ 68.458561][ T5316] nilfs_segctor_thread+0x6f7/0xe00 [ 68.458578][ T5316] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 68.458588][ T5316] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 68.458599][ T5316] ? __pfx_autoremove_wake_function+0x10/0x10 [ 68.458610][ T5316] ? __kthread_parkme+0x7b/0x200 [ 68.458620][ T5316] ? __kthread_parkme+0x1a1/0x200 [ 68.458629][ T5316] kthread+0x70e/0x8a0 [ 68.458640][ T5316] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 68.458652][ T5316] ? __pfx_kthread+0x10/0x10 [ 68.458662][ T5316] ? __pfx_kthread+0x10/0x10 [ 68.458672][ T5316] ? _raw_spin_unlock_irq+0x23/0x50 [ 68.458680][ T5316] ? lockdep_hardirqs_on+0x9c/0x150 [ 68.458692][ T5316] ? __pfx_kthread+0x10/0x10 [ 68.458701][ T5316] ret_from_fork+0x4b/0x80 [ 68.458711][ T5316] ? __pfx_kthread+0x10/0x10 [ 68.458720][ T5316] ret_from_fork_asm+0x1a/0x30 [ 68.458733][ T5316] [ 68.590091][ T5316] Remounting filesystem read-only [ 68.594316][ T5314] PM: Image not found (code -22)